Some sites such as mon-ip.com allows to see the internal IP (javascript enabled). It's worrying when using some vpn (with unique external ip address), because the internal iP is what identify you inside the vpn (10.x.y.z).

I noticed that when using privoxy, the site mon-ip.com failed to see my internal IP, and write a very nice FORBIDDEN instead.

So, how to get the same result without having to use privoxy ?


EDIT:

Anonymous Surfing (http://www.auditmypc.com/anonymous-surfing.asp) is able to grab my internal IP, with Privoxy enabled and Javascript disabled. :mad:

So, how to get the same result without having to use privoxy ?

By using a better Anti-Virus like BitDefender or Kaspersky :unsure:

By using a better Anti-Virus like BitDefender or Kaspersky :unsure:


Have you test it with Anonymous Surfing (http://www.auditmypc.com/anonymous-surfing.asp) ?

are you talking about where you have to make a registry hack to


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\Interfaces

and assign ( I think?? ) for IPAutoconfigurationEnabled key to a REG_DWORD hexadecimal value of 0??
A hack like that I know disables what's called Automatic Private IP Addressing

Oh. Wait. No don't do that. That I think is for when there is no DHCP server present.

No, I think what you might want is what's called a " High Anonymity Proxy " b/c it does not make available the original IP address.

EDIT:

Anonymous Surfing (http://www.auditmypc.com/anonymous-surfing.asp) is able to grab my internal IP, with Privoxy enabled and Javascriot disabled. :mad:

Not here (and I'm behind a router, so I do have an internal IP). Some sites can get it via Java, but knowing you to a certain degree you probably have that and Flash disabled.

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

All ip.cc's extensive anonymity test are good.



Not here (and I'm behind a router, so I do have an internal IP). Some sites can get it via Java, but knowing you to a certain degree you probably have that and Flash disabled.

Java was implied. So I disabled java Platform pluggin. No more problem, with or without privoxy or javascript, on the two previous sites.

Interesting find!,

I retract my words about the inability to grab Mac-address then.

Both sites got my internal IP address, and I'm behind two NATs!!

Might need to enforce some protective methods like disabling java and/or flash (whitelists..etc).

Might need to enforce some protective methods like disabling java and/or flash (whitelists..etc).

I don't use sites with Java applets, and Flash is disabled by default, only whitelisted for YouTube and Grooveshark, which I visit in private tabs.

I don't use sites with Java applets

Math/Physics nerd here, needs java for simulation apps..etc


and Flash is disabled by default, only whitelisted for YouTube and Grooveshark, which I visit in private tabs.

When I used NoScript(iirc, this one controls flash whitelists) for the first time, it was just too much work to click enable,enable,add to exceptions ..etc.
but certainly, one must take some actions against info-collectors.

Math/Physics nerd here, needs java for simulation apps..etc

You can always run a separate browser for educational apps...

You can always run a separate browser for educational apps...

I run at least 100 Iron tabs (400MB?), my Geforce card has shared memory, for trackers I use firefox (thats at least 200MB of RAM), Windows 7 gets its fair RAM amount, so I'm usually left with nothing,
sometimes I want to run a virtual machine for some tests, but I can't I need to kill firefox/iron to free up some Ram
If I used another browser for educational purposes then its the same, no enough RAM = slow computer, and no virtual machines.

* taking about my laptop.(2GB RAM).

---
otherwise, thats probably the best solution :D

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

It was the case with Thunderbird, 3 years ago:


does anyone know how to keep thunderbird from including your PC's NAT ip address (ex. 192.168.1.1) in the headers? other email programs (Outlook) don't include the NAT address in the headers so i'm hoping there is a way to keep Thunderbird from including it, maybe in the config editor? i don't know, either way any help is appreciated.
Thunderbird includes NAT ip in mail headers • mozillaZine Forums (http://forums.mozillazine.org/viewtopic.php?f=39&t=574630&start=0&st=0&sk=t&sd=a)

My uni proxy does the same as well, sending your LAN IP on the "Via" HTTP header. I don't know why they do that as, that information is useless to send, maybe even dangerous.

i test it with Mask Surf Pro .. and doesn't know any thing about me neither real ip or internal ip :P

also i used safe run (the feature on kaspersky that allowed you to access your application on green safe) and the site didn't know except my ip ..